Welcome to Rappler, a social news network where stories inspire community engagement and digitally fuelled actions for social change. Rappler comes from the root words "rap" (to discuss) + "ripple" (to make waves).

ACCOUNTABILITY. Lawyer Toby Purisima discusses the Comelec's possible liabilities in a forum on the leak of voters' personal information on Saturday, April 23. Michael Bueza/Rappler

MANILA, Philippines – For betraying the public’s trust, officials of the Commission on Elections (Comelec) can be impeached following the online leak of voters’ personal information, some lawyers argued on Saturday, April 23.

Lawyer Toby Purisima said that under Section 2, Article XI of the Constitution, betrayal of public trust is one of the grounds for impeachment of the chairman and commissioners of constitutional commissions like the Comelec.

This is following the leak of voter registration records, which were accessed by hackers from the Comelec website on March 27. The issue intensified on April 21 when a website surfaced wherein the database of voters’ personal information were made searchable.

“There is a school of thought that we have to impeach them first before we could disbar them. It could also apply in filing criminal cases against Comelec officials,” Tongol said.

Meanwhile, the hackers are liable under the Cybercrime Prevention Act, Data Privacy Act, and e-Commerce Act for unauthorized access of the Comelec website, and unauthorized disclosure or sharing of the leaked personal information.

However, Tongol argued that the Cybercrime Prevention Act and the Data Privacy Act may not be filed at the same time against the hackers, due to the double jeopardy rule.

Purisima and Tongol discussed these legalities during a technical forum on the Comelec data leak on Saturday. The forum was organized by Text Power, Computer Professionals Union, and 8layer Technologies Incorporated.

‘Make them accountable’

According to the two lawyers, the Comelec, as the controller of personal information, may also be made accountable for the data leak under the following laws:

RA 6713 or the Code of Conduct and Ethical Standards for Public Officials, for negligence in protecting voters’ data

Section 3(e) of RA 3019 or the Anti-Graft and Corrupt Practices Act for “causing any undue injury" to voters

There is also an accessory penalty under the Data Privacy Act of disqualification from running for public office that would be imposed on concerned Comelec officials, if found guilty.

Under the same law, the Comelec can also be charged for downplaying the incident and the concealment of the security breach or by not informing the voters immediately of the release of their personal information. (READ: Is Comelec liable for website data leak?)

"Up to now, the Comelec has not admitted directly to voters that the leaked files were our voter data," noted Tonyo Cruz of TXTPower.

"We have to make them liable. Bad things will keep happening if we don't make them liable," said Tongol.

Purisima added that this incident should produce a “chilling effect” to the Comelec and other government agencies. "Ang sagot natin dapat sa gobyerno, huwag 'nyo itong gagawin ulit sa susunod,” said Purisima.

(Our response to the government should be, 'You should not let this happen next time.)

“We should use our power as citizens to make them accountable,” he noted.

Purisima served as the counsel for bloggers and netizens in one of the petitions filed against the Cybercrime Prevention Act in 2012. Tongol is a data privacy lawyer. – Rappler.com

Would you like to share your vote?

Welcome to Rappler, a social news network where stories inspire community engagement and digitally fuelled actions for social change. Rappler comes from the root words "rap" (to discuss) + "ripple" (to make waves).